mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-07 09:16:55 +02:00
Code Issues Releases Wiki Activity

Various updates, banning, etc.

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@2745 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen
2002-07-26 16:31:50 +00:00
parent 30bb2a8397
commit 46bfc70d6d
9 changed files with 671 additions and 479 deletions
Download Patch File Download Diff File Expand all files Collapse all files

980
phpBB/admin/admin_ban.php
View File

@@ -44,7 +44,7 @@ require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
//
//
// Do we have ban permissions?
//
if ( !$acl->get_acl_admin('ban') )
{
@@ -52,441 +52,563 @@ if ( !$acl->get_acl_admin('ban') )
}
//
// Start program
// Mode setting
//
if( isset($HTTP_POST_VARS['submit']) )
if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
$user_bansql = '';
$email_bansql = '';
$ip_bansql = '';
$user_list = array();
if( isset($HTTP_POST_VARS['ban_user']) )
{
$user_list_temp = $HTTP_POST_VARS['ban_user'];
for($i = 0; $i < count($user_list_temp); $i++)
{
$user_list[] = trim($user_list_temp[$i]);
}
}
$ip_list = array();
if( isset($HTTP_POST_VARS['ban_ip']) )
{
$ip_list_temp = explode(',', $HTTP_POST_VARS['ban_ip']);
for($i = 0; $i < count($ip_list_temp); $i++)
{
if( preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ip_list_temp[$i]), $ip_range_explode) )
{
//
// Don't ask about all this, just don't ask ... !
//
$ip_1_counter = $ip_range_explode[1];
$ip_1_end = $ip_range_explode[5];
while($ip_1_counter <= $ip_1_end)
{
$ip_2_counter = ($ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[2] : 0;
$ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6];
if($ip_2_counter == 0 && $ip_2_end == 254)
{
$ip_2_counter = 256;
$ip_2_fragment = 256;
$ip_list[] = "$ip_1_counter.256.256.256";
}
while($ip_2_counter <= $ip_2_end)
{
$ip_3_counter = ($ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[3] : 0;
$ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7];
if($ip_3_counter == 0 && $ip_3_end == 254 )
{
$ip_3_counter = 256;
$ip_3_fragment = 256;
$ip_list[] = "$ip_1_counter.$ip_2_counter.256.256";
}
while($ip_3_counter <= $ip_3_end)
{
$ip_4_counter = ($ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1]) ? $ip_range_explode[4] : 0;
$ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8];
if($ip_4_counter == 0 && $ip_4_end == 254)
{
$ip_4_counter = 256;
$ip_4_fragment = 256;
$ip_list[] = "$ip_1_counter.$ip_2_counter.$ip_3_counter.256";
}
while($ip_4_counter <= $ip_4_end)
{
$ip_list[] = "$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter";
$ip_4_counter++;
}
$ip_3_counter++;
}
$ip_2_counter++;
}
$ip_1_counter++;
}
}
else if( preg_match('/^([\w\-_]\.?){2,}$/is', trim($ip_list_temp[$i])) )
{
$ip = gethostbynamel(trim($ip_list_temp[$i]));
for($j = 0; $j < count($ip); $j++)
{
if( !empty($ip[$j]) )
{
$ip_list[] = $ip[$j];
}
}
}
else if( preg_match('/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/', trim($ip_list_temp[$i])) )
{
$ip_list[] = str_replace('*', '256', trim($ip_list_temp[$i]));
}
}
}
$email_list = array();
if(isset($HTTP_POST_VARS['ban_email']))
{
$email_list_temp = explode(',', $HTTP_POST_VARS['ban_email']);
for($i = 0; $i < count($email_list_temp); $i++)
{
//
// This ereg match is based on one by php@unreelpro.com
// contained in the annotated php manual at php.com (ereg
// section)
//
if( eregi('^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$', trim($email_list_temp[$i])) )
{
$email_list[] = trim($email_list_temp[$i]);
}
}
}
$sql = "SELECT *
FROM " . BANLIST_TABLE;
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't obtain banlist information", "", __LINE__, __FILE__, $sql);
}
$current_banlist = $db->sql_fetchrowset($result);
$kill_session_sql = '';
for($i = 0; $i < count($user_list); $i++)
{
$in_banlist = false;
for($j = 0; $j < count($current_banlist); $j++)
{
if($user_list[$i] == $current_banlist[$j]['ban_userid'])
{
$in_banlist = true;
}
}
if(!$in_banlist)
{
$kill_session_sql .= ( ($kill_session_sql != '') ? ' OR ' : '' ) . "session_user_id = " . $user_list[$i];
$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_userid)
VALUES (" . $user_list[$i] . ")";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert ban_userid info into database", "", __LINE__, __FILE__, $sql);
}
}
}
for($i = 0; $i < count($ip_list); $i++)
{
$in_banlist = false;
for($j = 0; $j < count($current_banlist); $j++)
{
if($ip_list[$i] == $current_banlist[$j]['ban_ip'])
{
$in_banlist = true;
}
}
if ( !$in_banlist )
{
$kill_ip_sql = ( preg_match('/256/s') ) ? "session_ip LIKE '" . preg_replace('/(256)/s', '%', $ip_list[$i]) . "'" : "session_ip = '" . $ip_list[$i] . "'";
$kill_session_sql .= ( ($kill_session_sql != '') ? ' OR ' : '' ) . $kill_ip_sql;
$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_ip)
VALUES ('" . $ip_list[$i] . "')";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert ban_ip info into database", "", __LINE__, __FILE__, $sql);
}
}
}
//
// Now we'll delete all entries from the
// session table with any of the banned
// user or IP info just entered into the
// ban table ... this will force a session
// initialisation resulting in an instant
// ban
//
if( $kill_session_sql != "" )
{
$sql = "DELETE FROM " . SESSIONS_TABLE . "
WHERE $kill_session_sql";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't delete banned sessions from database", "", __LINE__, __FILE__, $sql);
}
}
for($i = 0; $i < count($email_list); $i++)
{
$in_banlist = false;
for($j = 0; $j < count($current_banlist); $j++)
{
if( $email_list[$i] == $current_banlist[$j]['ban_email'] )
{
$in_banlist = true;
}
}
if( !$in_banlist )
{
$sql = "INSERT INTO " . BANLIST_TABLE . " (ban_email)
VALUES ('" . str_replace("\'", "''", $email_list[$i]) . "')";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't insert ban_email info into database", "", __LINE__, __FILE__, $sql);
}
}
}
$where_sql = "";
if(isset($HTTP_POST_VARS['unban_user']))
{
$user_list = $HTTP_POST_VARS['unban_user'];
for($i = 0; $i < count($user_list); $i++)
{
if($user_list[$i] != -1)
{
if($where_sql != "")
{
$where_sql .= ", ";
}
$where_sql .= $user_list[$i];
}
}
}
if( isset($HTTP_POST_VARS['unban_ip']) )
{
$ip_list = $HTTP_POST_VARS['unban_ip'];
for($i = 0; $i < count($ip_list); $i++)
{
if($ip_list[$i] != -1)
{
if($where_sql != "")
{
$where_sql .= ", ";
}
$where_sql .= $ip_list[$i];
}
}
}
if( isset($HTTP_POST_VARS['unban_email']) )
{
$email_list = $HTTP_POST_VARS['unban_email'];
for($i = 0; $i < count($email_list); $i++)
{
if($email_list[$i] != -1)
{
if($where_sql != "")
{
$where_sql .= ", ";
}
$where_sql .= $email_list[$i];
}
}
}
if( $where_sql != "" )
{
$sql = "DELETE FROM " . BANLIST_TABLE . "
WHERE ban_id IN ($where_sql)";
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't delete ban info from database", "", __LINE__, __FILE__, $sql);
}
}
$message = $lang['Ban_update_sucessful'] . "<br /><br />" . sprintf($lang['Click_return_banadmin'], "<a href=\"" . append_sid("admin_user_ban.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
message_die(GENERAL_MESSAGE, $message);
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
}
else
{
$template->set_filenames(array(
'body' => 'admin/user_ban_body.tpl')
);
$template->assign_vars(array(
'L_BAN_TITLE' => $lang['Ban_control'],
'L_BAN_EXPLAIN' => $lang['Ban_explain'],
'L_BAN_EXPLAIN_WARN' => $lang['Ban_explain_warn'],
'L_IP_OR_HOSTNAME' => $lang['IP_hostname'],
'L_EMAIL_ADDRESS' => $lang['Email_address'],
'L_SUBMIT' => $lang['Submit'],
'L_RESET' => $lang['Reset'],
'S_BANLIST_ACTION' => append_sid("admin_user_ban.$phpEx"))
);
$userban_count = 0;
$sql = "SELECT user_id, username
FROM " . USERS_TABLE . "
WHERE user_id <> " . ANONYMOUS . "
ORDER BY username ASC";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select current user_id ban list', '', __LINE__, __FILE__, $sql);
}
$user_list = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);
$select_userlist = '';
for($i = 0; $i < count($user_list); $i++)
{
$select_userlist .= '<option value="' . $user_list[$i]['user_id'] . '">' . $user_list[$i]['username'] . '</option>';
$userban_count++;
}
$select_userlist = '<select name="ban_user[]" multiple="multiple" size="5">' . $select_userlist . '</select>';
$template->assign_vars(array(
'L_BAN_USER' => $lang['Ban_username'],
'L_BAN_USER_EXPLAIN' => $lang['Ban_username_explain'],
'L_BAN_IP' => $lang['Ban_IP'],
'L_BAN_IP_EXPLAIN' => $lang['Ban_IP_explain'],
'L_BAN_EMAIL' => $lang['Ban_email'],
'L_BAN_EMAIL_EXPLAIN' => $lang['Ban_email_explain'],
'S_BAN_USERLIST_SELECT' => $select_userlist)
);
$userban_count = 0;
$ipban_count = 0;
$emailban_count = 0;
$sql = "SELECT b.ban_id, u.user_id, u.username
FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u
WHERE u.user_id = b.ban_userid
AND b.ban_userid <> 0
AND u.user_id <> " . ANONYMOUS . "
ORDER BY u.user_id ASC";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select current user_id ban list', '', __LINE__, __FILE__, $sql);
}
$user_list = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);
$select_userlist = '';
for($i = 0; $i < count($user_list); $i++)
{
$select_userlist .= '<option value="' . $user_list[$i]['ban_id'] . '">' . $user_list[$i]['username'] . '</option>';
$userban_count++;
}
if( $select_userlist == '' )
{
$select_userlist = '<option value="-1">' . $lang['No_banned_users'] . '</option>';
}
$select_userlist = '<select name="unban_user[]" multiple="multiple" size="5">' . $select_userlist . '</select>';
$sql = "SELECT ban_id, ban_ip, ban_email
FROM " . BANLIST_TABLE;
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not select current ip ban list', '', __LINE__, __FILE__, $sql);
}
$banlist = $db->sql_fetchrowset($result);
$db->sql_freeresult($result);
$select_iplist = '';
$select_emaillist = '';
for($i = 0; $i < count($banlist); $i++)
{
$ban_id = $banlist[$i]['ban_id'];
if ( !empty($banlist[$i]['ban_ip']) )
{
$ban_ip = str_replace('256', '*', $banlist[$i]['ban_ip']);
$select_iplist .= '<option value="' . $ban_id . '">' . $ban_ip . '</option>';
$ipban_count++;
}
else if ( !empty($banlist[$i]['ban_email']) )
{
$ban_email = $banlist[$i]['ban_email'];
$select_emaillist .= '<option value="' . $ban_id . '">' . $ban_email . '</option>';
$emailban_count++;
}
}
if ( $select_iplist == '' )
{
$select_iplist = '<option value="-1">' . $lang['No_banned_ip'] . '</option>';
}
if ( $select_emaillist == '' )
{
$select_emaillist = '<option value="-1">' . $lang['No_banned_email'] . '</option>';
}
$select_iplist = '<select name="unban_ip[]" multiple="multiple" size="5">' . $select_iplist . '</select>';
$select_emaillist = '<select name="unban_email[]" multiple="multiple" size="5">' . $select_emaillist . '</select>';
$template->assign_vars(array(
'L_UNBAN_USER' => $lang['Unban_username'],
'L_UNBAN_USER_EXPLAIN' => $lang['Unban_username_explain'],
'L_UNBAN_IP' => $lang['Unban_IP'],
'L_UNBAN_IP_EXPLAIN' => $lang['Unban_IP_explain'],
'L_UNBAN_EMAIL' => $lang['Unban_email'],
'L_UNBAN_EMAIL_EXPLAIN' => $lang['Unban_email_explain'],
'S_UNBAN_USERLIST_SELECT' => $select_userlist,
'S_UNBAN_IPLIST_SELECT' => $select_iplist,
'S_UNBAN_EMAILLIST_SELECT' => $select_emaillist,
'S_BAN_ACTION' => append_sid("admin_user_ban.$phpEx"))
);
$mode = '';
}
$template->pparse('body');
$current_time = time();
include('page_footer_admin.'.$phpEx);
//
// Start program
//
if ( isset($HTTP_POST_VARS['bansubmit']) )
{
$ban_end = ( isset($HTTP_POST_VARS['banlength']) ) ? $current_time + ( intval($HTTP_POST_VARS['banlength']) * 60 ) : 0;
$ban_reason = ( isset($HTTP_POST_VARS['banreason']) ) ? $HTTP_POST_VARS['banreason'] : '';
$ban_list = array_unique(explode("\n", $HTTP_POST_VARS['ban']));
$banlist = array();
switch ( $mode )
{
case 'user':
$type = 'ban_userid';
$banlist_tmp = array();
for($i = 0; $i < count($ban_list); $i++)
{
if ( trim($ban_list[$i]) != '' )
{
$banlist_tmp[] = '\'' . trim($ban_list[$i]) . '\'';
}
}
$sql = "SELECT user_id
FROM " . USERS_TABLE . "
WHERE username IN (" . implode(', ', $banlist_tmp) . ")";
$result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
{
do
{
$banlist[] = $row['user_id'];
}
while ( $row = $db->sql_fetchrow($result) );
}
unset($banlist_tmp);
break;
case 'ip':
$type = 'ban_ip';
for($i = 0; $i < count($ban_list); $i++)
{
if ( preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ban_list[$i]), $ip_range_explode) )
{
//
// Don't ask about all this, just don't ask ... !
//
$ip_1_counter = $ip_range_explode[1];
$ip_1_end = $ip_range_explode[5];
while ( $ip_1_counter <= $ip_1_end )
{
$ip_2_counter = ( $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[2] : 0;
$ip_2_end = ($ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[6];
if( $ip_2_counter == 0 && $ip_2_end == 254 )
{
$ip_2_counter = 256;
$ip_2_fragment = 256;
$banlist[] = "'$ip_1_counter.'";
}
while ( $ip_2_counter <= $ip_2_end )
{
$ip_3_counter = ( $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[3] : 0;
$ip_3_end = ($ip_2_counter < $ip_2_end || $ip_1_counter < $ip_1_end) ? 254 : $ip_range_explode[7];
if ( $ip_3_counter == 0 && $ip_3_end == 254 )
{
$ip_3_counter = 256;
$ip_3_fragment = 256;
$banlist[] = "'$ip_1_counter.$ip_2_counter.'";
}
while ( $ip_3_counter <= $ip_3_end )
{
$ip_4_counter = ( $ip_3_counter == $ip_range_explode[3] && $ip_2_counter == $ip_range_explode[2] && $ip_1_counter == $ip_range_explode[1] ) ? $ip_range_explode[4] : 0;
$ip_4_end = ($ip_3_counter < $ip_3_end || $ip_2_counter < $ip_2_end) ? 254 : $ip_range_explode[8];
if ( $ip_4_counter == 0 && $ip_4_end == 254 )
{
$ip_4_counter = 256;
$ip_4_fragment = 256;
$banlist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.'";
}
while ( $ip_4_counter <= $ip_4_end )
{
$banlist[] = "'$ip_1_counter.$ip_2_counter.$ip_3_counter.$ip_4_counter'";
$ip_4_counter++;
}
$ip_3_counter++;
}
$ip_2_counter++;
}
$ip_1_counter++;
}
}
else if ( preg_match('/^([\w\-_]\.?){2,}$/is', trim($ban_list[$i])) )
{
$ip = gethostbynamel(trim($ban_list[$i]));
for($j = 0; $j < count($ip); $j++)
{
if ( !empty($ip[$j]) )
{
$banlist[] = '\'' . $ip[$j] . '\'';
}
}
}
else if ( preg_match('/^([0-9]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})\.([0-9\*]{1,3})$/', trim($ban_list[$i])) )
{
$banlist[] = '\'' . str_replace('*', '', trim($ban_list[$i])) . '\'';
}
}
break;
case 'email':
$type = 'ban_email';
for($i = 0; $i < count($ban_list); $i++)
{
//
// This ereg match is based on one by php@unreelpro.com
// contained in the annotated php manual at php.com (ereg
// section)
//
if ( eregi('^(([[:alnum:]\*]+([-_.][[:alnum:]\*]+)*\.?)|(\*))@([[:alnum:]]+([-_]?[[:alnum:]]+)*\.){1,3}([[:alnum:]]{2,6})$', trim($ban_list[$i])) )
{
$banlist[] = '\'' . trim($ban_list[$i]) . '\'';
}
}
break;
}
$sql = "SELECT ban_userid, ban_ip, ban_email
FROM " . BANLIST_TABLE;
$result = $db->sql_query($sql);
if ( $row = $db->sql_fetchrow($result) )
{
$banlist_tmp = array();
do
{
switch ( $mode )
{
case 'user':
$banlist_tmp[] = $row['ban_userid'];
break;
case 'ip':
$banlist_tmp[] = '\'' . $row['ban_ip'] . '\'';
break;
case 'email':
$banlist_tmp[] = '\'' . $row['ban_email'] . '\'';
break;
}
}
while ( $row = $db->sql_fetchrow($result) );
$banlist = array_unique(array_diff($banlist, $banlist_tmp));
unset($banlist_tmp);
}
$current_time = time();
if ( sizeof($banlist) )
{
for($i = 0; $i < count($banlist); $i++)
{
$sql = "INSERT INTO " . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_reason)
VALUES (" . $banlist[$i] . ", $current_time, $ban_end, '$ban_reason')";
$db->sql_query($sql);
}
$sql = '';
switch ( $mode )
{
case 'user':
$sql = "WHERE session_user_id IN (" . implode(', ', $banlist) . ")";
break;
case 'ip':
$sql = "WHERE session_ip IN (" . implode(', ', $banlist) . ")";
break;
case 'email':
$sql = "SELECT user_id
FROM " . USERS_TABLE . "
WHERE user_email IN (" . implode(', ', $banlist) . ")";
$result = $db->sql_query($sql);
$sql = '';
if ( $row = $db->sql_fetchrow($result) )
{
do
{
$sql .= ( ( $sql != '' ) ? ', ' : '' ) . $row['user_id'];
}
while ( $row = $db->sql_fetchrow($result) );
$sql = "WHERE session_user_id IN (" . str_replace('*', '%', $sql) . ")";
}
break;
}
if ( $sql != '' )
{
$sql = "DELETE FROM " . SESSIONS_TABLE . "
$sql";
$db->sql_query($sql);
}
//
// Update log
//
add_admin_log('log_ban_' . $mode, str_replace('\'', '', implode(', ', $banlist)), $ban_reason);
}
$message = $lang['Ban_update_sucessful'] . '<br /><br />' . sprintf($lang['Click_return_banadmin'], '<a href="' . "admin_ban.$phpEx$SID&amp;mode=$mode" . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . "index.$phpEx$SID&amp;pane=right" . '">', '</a>');
message_die(MESSAGE, $message);
}
else if ( isset($HTTP_POST_VARS['unbansubmit']) )
{
$unban_sql = '';
for($i = 0; $i < count($HTTP_POST_VARS['unban']); $i++ )
{
$unban_sql .= ( ( $unban_sql != '' ) ? ', ' : '' ) . intval($HTTP_POST_VARS['unban'][$i]);
}
if ( $unban_sql != '' )
{
$sql = "DELETE FROM " . BANLIST_TABLE . "
WHERE ban_id IN ($unban_sql)";
$db->sql_query($sql);
add_admin_log('log_unban_' . $mode, sizeof($HTTP_POST_VARS['unban']));
}
$message = $lang['Ban_update_sucessful'] . '<br /><br />' . sprintf($lang['Click_return_banadmin'], '<a href="' . "admin_ban.$phpEx$SID&amp;mode=$mode" . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . "index.$phpEx$SID&amp;pane=right" . '">', '</a>');
message_die(MESSAGE, $message);
}
//
// Output relevant entry page
//
//
// Remove timed out bans
//
$sql = "DELETE FROM " . BANLIST_TABLE . "
WHERE ban_end < " . time() . "
AND ban_end <> 0";
$db->sql_query($sql);
//
// Ban length options
//
$ban_end_text = array(0 => $lang['Permanent'], 30 => $lang['30_Mins'], 60 => $lang['1_Hour'], 360 => $lang['6_Hours'], 1440 => $lang['1_Day'], 10080 => $lang['7_Days'], 20160 => $lang['2_Weeks'], 40320 => $lang['1_Month']);
$ban_end_options = '';
foreach ( $ban_end_text as $length => $text )
{
$ban_end_options .= '<option value="' . $length . '">' . $text . '</option>';
}
//
// Title
//
switch ( $mode )
{
case 'user':
$l_title = $lang['Ban_users'];
break;
case 'email':
$l_title = $lang['Ban_emails'];
break;
case 'ip':
$l_title = $lang['Ban_ips'];
break;
}
//
// Output page
//
page_header($l_title);
?>
<p><?php echo $lang['Ban_explain']; ?></p>
<?php
switch ( $mode )
{
case 'user':
$sql = "SELECT b.*, u.user_id, u.username
FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u
WHERE ( b.ban_end >= " . time() . "
OR b.ban_end = 0 )
AND u.user_id = b.ban_userid
AND b.ban_userid <> 0
AND u.user_id <> " . ANONYMOUS . "
ORDER BY u.user_id ASC";
$result = $db->sql_query($sql);
$banned_options = '';
$banned_length = '';
$banned_options = '';
if ( $row = $db->sql_fetchrow($result) )
{
do
{
$banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['username'] . '</option>';
$banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\'';
$banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\'';
}
while ( $row = $db->sql_fetchrow($result) );
}
$db->sql_freeresult($result);
?>
<script language="Javascript" type="text/javascript">
<!--
var ban_length = new Array(<?php echo $banned_length; ?>);
var ban_reasons = new Array(<?php echo $banned_reasons; ?>);
//-->
</script>
<h1><?php echo $lang['Ban_users']; ?></h1>
<p><?php echo $lang['Ban_username_explain']; ?></p>
<form method="post" action="<?php echo "admin_ban.$phpEx$SID&amp;mode=$mode"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th colspan="2"><?php echo $lang['Ban_users']; ?></th>
</tr>
<tr>
<td class="row1" width="45%"><?php echo $lang['Username']; ?>: </td>
<td class="row1"><textarea cols="40" rows="3" name="ban"></textarea></td>
</tr>
<tr>
<td class="row2" width="45%"><?php echo $lang['Ban_length']; ?>:</td>
<td class="row2"><select name="banlength"><?php echo $ban_end_options; ?></select></td>
</tr>
<tr>
<td class="row2" width="45%"><?php echo $lang['Ban_reason']; ?>:</td>
<td class="row2"><input type="text" name="banreason" maxlength="255" size="40" /></td>
</tr>
<tr>
<td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $lang['Reset']; ?>" class="liteoption" />&nbsp; <input type="submit" name="usersubmit" value="<?php echo $lang['Find_username']; ?>" class="liteoption" onClick="window.open('<?php echo "../search.$phpEx$SID&amp;mode=searchuser"; ?>', '_phpbbsearch', 'HEIGHT=250,resizable=yes,WIDTH=400');return false;" /></td>
</tr>
</table>
<h1><?php echo $lang['Unban_username']; ?></h1>
<p><?php echo $lang['Unban_username_explain']; ?></p>
<table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th colspan="2"><?php echo $lang['Unban_username']; ?></th>
</tr>
<tr>
<td class="row1" width="45%"><?php echo $lang['Username']; ?>: </td>
<td class="row1"><?php if ( $banned_options != '' ) { ?><select name="unban[]" multiple="multiple" size="5"><?php echo $banned_options; ?></select><?php } else { echo $lang['No_banned_users']; } ?></td>
</tr>
<tr>
<td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $lang['Submit']; ?>" class="mainoption" /></td>
</tr>
<?php
break;
case 'ip':
$sql = "SELECT *
FROM " . BANLIST_TABLE . "
WHERE ( ban_end >= " . time() . "
OR ban_end = 0 )
AND ban_ip <> ''";
$result = $db->sql_query($sql);
$banned_reasons = '';
$banned_length = '';
$banned_options = '';
if ( $row = $db->sql_fetchrow($result) )
{
do
{
$banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['ban_ip'] . '</option>';
$banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\'';
$banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\'';
}
while ( $row = $db->sql_fetchrow($result) );
}
$db->sql_freeresult($result);
?>
<script language="Javascript" type="text/javascript">
<!--
var ban_length = new Array(<?php echo $banned_length; ?>);
var ban_reasons = new Array(<?php echo $banned_reasons; ?>);
//-->
</script>
<h1><?php echo $lang['Ban_ips']; ?></h1>
<p><?php echo $lang['Ban_IP_explain']; ?></p>
<form method="post" name="ban" action="<?php echo "admin_ban.$phpEx$SID&amp;mode=$mode"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th colspan="2"><?php echo $lang['Ban_ips']; ?></th>
</tr>
<tr>
<td class="row1" width="45%"><?php echo $lang['IP_hostname']; ?>: </td>
<td class="row1"><textarea cols="40" rows="3" name="ban"></textarea></td>
</tr>
<tr>
<td class="row2" width="45%"><?php echo $lang['Ban_length']; ?>:</td>
<td class="row2"><select name="banlength"><?php echo $ban_end_options; ?></select></td>
</tr>
<tr>
<td class="row2" width="45%"><?php echo $lang['Ban_reason']; ?>:</td>
<td class="row2"><input type="text" name="banreason" maxlength="255" size="40" /></td>
</tr>
<tr>
<td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $lang['Reset']; ?>" class="liteoption" /></td>
</tr>
</table>
<h1><?php echo $lang['Unban_IP']; ?></h1>
<p><?php echo $lang['Unban_IP_explain']; ?></p>
<table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th colspan="2"><?php echo $lang['Unban_IP']; ?></th>
</tr>
<tr>
<td class="row1" width="45%"><?php echo $lang['IP_hostname']; ?>: <br /></td>
<td class="row1"> <?php if ( $banned_options != '' ) { ?><select name="unban[]" multiple="multiple" size="5"><?php echo $banned_options; ?></select><?php } else { echo $lang['No_banned_ip']; } ?></td>
</tr>
<tr>
<td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $lang['Submit']; ?>" class="mainoption" /></td>
</tr>
<?php
break;
case 'email':
$sql = "SELECT *
FROM " . BANLIST_TABLE . "
WHERE ( ban_end >= " . time() . "
OR ban_end = 0 )
AND ban_email <> ''";
$result = $db->sql_query($sql);
$banned_options = '';
$banned_length = '';
$banned_options = '';
if ( $row = $db->sql_fetchrow($result) )
{
do
{
$banned_options .= '<option value="' . $row['ban_id'] . '">' . $row['ban_email'] . '</option>';
$banned_length .= ( ( $banned_length != '' ) ? ', ' : '' ) . '\'' . ( $ban_end_text[(($row['ban_end'] - $row['ban_start']) / 60)] ) . '\'';
$banned_reasons .= ( ( $banned_reasons != '' ) ? ', ' : '' ) . '\'' . addslashes($row['ban_reason']) . '\'';
}
while ( $row = $db->sql_fetchrow($result) );
}
$db->sql_freeresult($result);
?>
<h1><?php echo $lang['Ban_emails']; ?></h1>
<p><?php echo $lang['Ban_email_explain']; ?></p>
<script language="Javascript" type="text/javascript">
<!--
var ban_length = new Array(<?php echo $banned_length; ?>);
var ban_reasons = new Array(<?php echo $banned_reasons; ?>);
//-->
</script>
<form method="post" action="<?php echo "admin_ban.$phpEx$SID&amp;mode=$mode"; ?>"><table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th colspan="2"><?php echo $lang['Ban_emails']; ?></th>
</tr>
<tr>
<td class="row1" width="45%"><?php echo $lang['Email_address']; ?>: </td>
<td class="row1"><textarea cols="40" rows="3" name="ban"></textarea></td>
</tr>
<tr>
<td class="row2" width="45%"><?php echo $lang['Ban_length']; ?>:</td>
<td class="row2"><select name="banlength"><?php echo $ban_end_options; ?></select></td>
</tr>
<tr>
<td class="row2" width="45%"><?php echo $lang['Ban_reason']; ?>:</td>
<td class="row2"><input type="text" name="banreason" maxlength="255" size="40" /></td>
</tr>
<tr>
<td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $lang['Reset']; ?>" class="liteoption" /></td>
</tr>
</table>
<h1><?php echo $lang['Unban_email']; ?></h1>
<p><?php echo $lang['Unban_email_explain']; ?></p>
<table class="bg" width="80%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th colspan="2"><?php echo $lang['Unban_IP']; ?></th>
</tr>
<tr>
<td class="row1" width="45%"><?php echo $lang['Email_address']; ?>: <br /></td>
<td class="row1"> <?php if ( $banned_options != '' ) { ?><select name="unban[]" multiple="multiple" size="5"><?php echo $banned_options; ?></select><?php } else { echo $lang['No_banned_email']; } ?></td>
</tr>
<tr>
<td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $lang['Submit']; ?>" class="mainoption" /></td>
</tr>
<?php
break;
}
?>
</table></form>
<br clear="all" />
<?php
page_footer();
?>